Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/CgwIC7U5EMfjqPBoBzQz1qt2sS8.roa
File: CgwIC7U5EMfjqPBoBzQz1qt2sS8.roa (raw, json)
Hash identifier: TYH217815q1CPSBQ2zf5T2ZpBPZxS9DP+APdNFfQNnA=
Subject key identifier: 0A:0C:08:0B:B5:39:10:C7:E3:A8:F0:68:07:34:33:D6:AB:76:B1:2F
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01856CAF10837B9D12DA4DA6E496FD225039
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/CgwIC7U5EMfjqPBoBzQz1qt2sS8.roa
Signing time: Sun 01 Jan 2023 09:34:50 +0000
ROA not before: Sun 01 Jan 2023 09:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4477
IP address blocks: 2a09:7c40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:10:83:7b:9d:12:da:4d:a6:e4:96:fd:22:50:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jan 1 09:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a0c080bb53910c7e3a8f068073433d6ab76b12f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0c:0c:d3:82:0e:05:11:aa:41:5b:7e:53:06:
9f:56:1e:69:d5:67:95:d1:20:93:b1:e5:43:bd:b3:
c7:ff:37:58:e7:53:c5:90:f5:d3:20:6c:ad:22:af:
8d:0a:9f:23:97:10:a6:51:e6:2f:e0:da:0e:58:6e:
2f:4a:09:ed:8c:85:85:52:66:11:15:35:2f:0e:08:
d5:fd:7d:7a:0e:aa:3b:0a:5d:9e:d1:bf:e2:07:ef:
7f:a4:2b:7b:f2:17:7d:47:c9:b1:e5:88:5f:82:32:
86:2b:15:57:02:96:fc:9d:dd:31:2b:3b:0b:77:9b:
af:f9:cd:d5:d4:4a:8a:a9:be:66:b2:79:3d:74:cd:
2d:d0:55:6f:87:45:b0:74:61:cb:4a:d1:8b:23:8b:
82:2e:cc:c8:20:5c:d2:2b:96:f5:df:67:9c:d1:f9:
fd:09:83:d8:f8:91:99:5f:c9:2b:50:0d:f3:fb:c0:
ec:24:73:05:34:4f:74:35:8f:36:37:8a:97:3a:a0:
93:61:88:b4:26:a7:59:d3:8f:2d:7d:cb:d7:bb:c1:
0d:ec:1d:f3:16:05:f9:50:16:ca:39:9a:af:64:90:
c5:5f:32:dd:aa:e3:be:e4:94:c9:93:f4:61:38:3c:
19:10:cb:14:73:0c:b9:70:06:29:6e:e0:3f:7f:95:
6e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:0C:08:0B:B5:39:10:C7:E3:A8:F0:68:07:34:33:D6:AB:76:B1:2F
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/CgwIC7U5EMfjqPBoBzQz1qt2sS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
44:e5:a2:7d:d4:a4:37:f1:2f:26:92:73:21:4d:1e:fd:a5:b3:
44:1b:74:c5:93:21:0c:69:e1:df:5b:1b:d7:d7:84:a9:9f:f7:
4d:51:45:ef:33:da:b3:7c:38:dc:4d:ad:0d:7f:90:9c:64:c5:
23:86:88:c1:71:68:98:f3:87:15:69:e1:4a:dd:28:da:0b:3c:
fb:81:02:b0:f1:11:59:77:0e:b8:29:f3:23:05:93:04:1f:2d:
6b:04:60:af:14:67:d9:4b:2f:87:c3:66:db:f4:c6:c3:f2:55:
d4:a7:1f:3a:93:ac:42:38:66:85:61:85:55:d7:c2:83:cc:2d:
ec:c6:fd:e4:c6:85:89:49:27:f1:ed:c5:45:98:9f:d6:25:eb:
09:09:3a:97:34:9f:50:43:02:7d:db:f1:1d:e9:4a:76:1d:cd:
72:52:d2:5d:dc:a3:aa:e7:9b:b6:7d:ec:5e:02:de:a6:cc:91:
07:9d:f2:e2:4a:e4:75:47:dd:5c:1f:b4:09:1b:c9:af:03:f5:
7b:24:01:b4:c9:82:a7:98:d8:61:b0:89:fa:bf:c7:61:35:5c:
c4:fa:f7:db:9c:52:8a:63:ca:8d:92:ff:b1:20:7a:72:bd:4c:
6b:48:df:d4:fe:1a:62:d0:20:33:ee:03:02:fb:21:e2:05:86:
ba:7d:34:65
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsrxCDe50S2k2m5Jb9IlA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMwMTAxMDkzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTBjMDgwYmI1MzkxMGM3ZTNhOGYwNjgwNzM0MzNkNmFiNzZiMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgwM04IOBRGqQVt+UwafVh5p1WeV
0SCTseVDvbPH/zdY51PFkPXTIGytIq+NCp8jlxCmUeYv4NoOWG4vSgntjIWFUmYR
FTUvDgjV/X16Dqo7Cl2e0b/iB+9/pCt78hd9R8mx5YhfgjKGKxVXApb8nd0xKzsL
d5uv+c3V1EqKqb5msnk9dM0t0FVvh0WwdGHLStGLI4uCLszIIFzSK5b132ec0fn9
CYPY+JGZX8krUA3z+8DsJHMFNE90NY82N4qXOqCTYYi0JqdZ048tfcvXu8EN7B3z
FgX5UBbKOZqvZJDFXzLdquO+5JTJk/RhODwZEMsUcwy5cAYpbuA/f5VukQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAoMCAu1ORDH46jwaAc0M9ardrEvMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvQ2d3SUM3VTVFTWZqcVBCb0J6UXoxcXQyc1M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgl8QDAN
BgkqhkiG9w0BAQsFAAOCAQEAROWifdSkN/EvJpJzIU0e/aWzRBt0xZMhDGnh31sb
19eEqZ/3TVFF7zPas3w43E2tDX+QnGTFI4aIwXFomPOHFWnhSt0o2gs8+4ECsPER
WXcOuCnzIwWTBB8tawRgrxRn2Usvh8Nm2/TGw/JV1KcfOpOsQjhmhWGFVdfCg8wt
7Mb95MaFiUkn8e3FRZif1iXrCQk6lzSfUEMCfdvxHelKdh3NclLSXdyjquebtn3s
XgLepsyRB53y4krkdUfdXB+0CRvJrwP1eyQBtMmCp5jYYbCJ+r/HYTVcxPr325xS
imPKjZL/sSB6cr1Ma0jf1P4aYtAgM+4DAvsh4gWGun00ZQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:53 2023 by rpki-client on console-ams.rpki-client.org